| # Stage 1: Build stage with dependencies | |
| FROM python:3.10-slim as builder | |
| WORKDIR /app | |
| # Install build dependencies | |
| RUN pip install --upgrade pip | |
| # Copy requirements first to leverage Docker cache | |
| COPY requirements.txt . | |
| # Install python dependencies | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # --- | |
| # Stage 2: Final stage | |
| FROM python:3.10-slim | |
| WORKDIR /app | |
| # Create a non-root user | |
| RUN useradd --create-home appuser | |
| USER appuser | |
| # Copy installed dependencies from builder stage | |
| COPY --from=builder /usr/local/lib/python3.10/site-packages /usr/local/lib/python3.10/site-packages | |
| COPY --from=builder /usr/local/bin /usr/local/bin | |
| # Copy the application code and model files | |
| # Note: The Docker build context should be the parent directory of 'kronos-api-service' | |
| COPY --chown=appuser:appuser ./ . | |
| # Expose the port the app runs on | |
| EXPOSE 7860 | |
| # Set the default command to run the app with Gunicorn | |
| CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--workers", "1", "app:app"] |